Description:
A vulnerability was reported in the Windows Kernel-Mode Driver. A local user can obtain elevated privileges on the target system.

The Windows kernel-mode driver (win32k.sys) does not properly use window handle thread-owned objects. A local user can run a specially crafted application to execute arbitrary commands on the target system with elevated privileges.

xiaohong shi of Qihoo reported this vulnerability.

Impact:
A local user can obtain elevated privileges on the target system.